Security Through Obscurity, But Not Really

By Patrick on July 16, 2005 9:29 AM |

I admin about 4 linux boxes at work. I use them because I do a lot of web development and a RedHat install is pretty much out-of-the-box ready for LAMP projects. I spent a whopping hour getting Ruby on Rails up and running on two of the RHEL boxes. Another nice thing is that this type of install makes it easy to use off the shelf LAMP products, specifically phpMyAdmin, which I have to say has come a long way in terms of usefulness (to me at least).

Now, like a lot of people who don't have a lot of time, I tend to install things according to the INSTALL or README document that come with the package. This also means I'm more vulnerable to attack if a problem is discovered in one of these apps that I have installed. So, in addition to making sure that I keep up-to-date one security releases for the packages I have installed, I also install them in non-documented directories.

Now, I know this isn't "security" per se, but it is another step that you can take to not be an easy target for canned attacks (or nessus scans). This incredibly obvious "tip" is sponsored by a large iced mocha.

Categories:

About this Entry

This page contains a single entry by Patrick published on July 16, 2005 9:29 AM.

Heh, indeed was the previous entry in this blog.

Saturday Favorites is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Powered by Movable Type 4.01

Search